Today’s Cyber Threat Level: BLUE / GUARDED
The Cyber Alert Level remains at Blue (Guarded):
On January 15, the Cyber Threat Alert Level was evaluated and remains at Blue (Guarded) due to vulnerabilities in Ivanti, SonicWall, Adobe, Microsoft, and Fortinet products.
On January 9, the MS-ISAC released two advisories. The first advisory was for multiple vulnerabilities in Ivanti products, the most severe of which could allow for remote code execution. The second advisory was for numerous vulnerabilities in SonicOS SSLVPN, the most severe of which could allow for authentication bypass.
On January 14, the MS-ISAC released four advisories. The first advisory was for multiple vulnerabilities in Adobe products, the most severe of which could allow for arbitrary code execution. The second advisory was for various vulnerabilities in Microsoft products, the most severe of which could allow remote code execution. The third advisory was for multiple vulnerabilities in Ivanti Avalanche that could allow for authentication bypass. The last advisory was for vulnerabilities in Fortinet products, the most severe of which could allow for remote code execution.
On January 15, the MS-ISAC released an advisory for multiple vulnerabilities in Rsync, the most severe of which could allow for remote code execution.
Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to update their antivirus signatures daily. Another line of defense is user awareness training regarding the threats posed by attachments and hypertext links contained in emails, especially from untrusted sources.
The Cyber Threat Level indicator displays the current level of malicious cyber activity and indicates the potential for or actual damage. The indicator comprises 5 levels:
Red or Severe Cyber Threat Level
Indicates a severe risk of hacking, viruses, or other malicious activity resulting in widespread outages and/or significantly destructive compromises to systems with no known remedy, or debilitating one or more critical infrastructure sectors. At this level, vulnerabilities are being exploited with severe or widespread damage or disruption of Critical Infrastructure Assets.
Orange or High Level
Indicates a high risk of increased hacking, viruses, or other malicious cyber activity that targets or compromises core infrastructure, causes multiple service outages or multiple system compromises, or compromises critical infrastructure. At this level, vulnerabilities are being exploited with a high level of damage or disruption, or the potential for severe damage or disruption is high.
Yellow or Elevated Level
Indicates a significant risk due to increased hacking, viruses, or other malicious activity that compromises systems or diminishes service. At this level, known vulnerabilities are being exploited with a moderate level of damage or disruption, or the potential for significant damage or disruption is high.
Blue or Guarded Cyber Threat Level
Indicates a general risk of increased hacking, viruses, or other malicious activity. The potential exists for malicious cyber activities, but either no known exploits have been identified, or known exploits have been identified but no significant impact has occurred.
Green or Low Cyber Threat Level
Indicates a low risk.
Contact Commonwealth Sentinel to learn more about how the Cyber Threat Level affects your organization and what steps you can take to lower your own Level.